In a message written on Fri, Sep 03, 2010 at 04:33:23PM -0400, Deepak Jain wrote:
> Moreover, when every enterprise has a /48 or better, network admins are going
> to need to be able to track down machines/devices/ear pieces/what have you on
> a better basis than trapping them when they speak up. There is a huge
> potential for sleepers in IPv6 space that we don't see any more in IPv4
> (because the tools are better). Eventually someone will find an approach to
> do this kind of surveying and then make it cheap enough everyone can do it.
> (how often do security-admins use NMAP/Nessus/what have you to survey their
> own space -- an IPv6 analog will *need* to be created eventually).

If you are the network admin, walking the L2 devices' MAC tables and comparing
with the L3 devices' ARP/ND/whatever tables is likely more efficient for sparse
address space.

Also keep in mind, IPv6 devices will often have multiple addresses, and may
move addresses quite regularly. For instance, I use "privacy" or "temporary"
addresses; my machine hops to a new IPv6 address every 10 minutes. A scan
will likely be out of date before it completes for these sorts of addresses.

-- 
Leo Bicknell - bickn...@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
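
Added example, not part of the original message: a sketch of the L2/L3 table comparison described in the reply, which also marks which IPv6 addresses are derived from the MAC (modified EUI-64) and which are not, since the latter group includes the short-lived privacy/temporary addresses. The two table formats, the sample rows and the function names are constructed for illustration; real switch and router output has to be normalised into this shape first.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (documentation prefix 2001:db8::/32, made-up MACs).
# L2: MAC address table walked from the switches, as "mac port" rows.
MAC_TABLE = """\
00:16:3e:aa:00:01 Gi1/0/1
00:16:3e:aa:00:02 Gi1/0/2
00:16:3e:aa:00:03 Gi1/0/7
"""
# L3: IPv6 neighbor (ND) cache from the router, as "address mac" rows.
ND_TABLE = """\
2001:db8:0:1:216:3eff:feaa:1 00:16:3e:aa:00:01
fe80::216:3eff:feaa:1 00:16:3e:aa:00:01
2001:db8:0:1:5c3a:91ff:2b07:44d1 00:16:3e:aa:00:02
2001:db8:0:1:e8b4:7d02:19aa:c3f0 00:16:3e:aa:00:02
2001:db8:0:1::50 00:16:3e:aa:00:09
"""

def eui64_iid(mac):
    """Modified EUI-64 interface identifier that SLAAC derives from a MAC."""
    b = bytearray(int(x, 16) for x in mac.split(":"))
    b[0] ^= 0x02  # flip the universal/local bit
    return int.from_bytes(bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:]), "big")

def classify(addr, mac):
    """'eui64' if the low 64 bits derive from the MAC, else 'other'
    (temporary/privacy, DHCPv6 or manual: not told apart here)."""
    iid = int(ipaddress.IPv6Address(addr)) & (2**64 - 1)
    return "eui64" if iid == eui64_iid(mac) else "other"

def correlate(mac_table, nd_table):
    """Join the L2 and L3 views on MAC address."""
    ports = {}
    for line in mac_table.splitlines():
        if line.strip():
            mac, port = line.split()
            ports[mac.lower()] = port
    addrs = defaultdict(list)
    for line in nd_table.splitlines():
        if line.strip():
            addr, mac = line.split()
            addrs[mac.lower()].append((addr, classify(addr, mac)))
    hosts = {m: {"port": p, "addrs": addrs.get(m, [])} for m, p in ports.items()}
    no_nd = sorted(m for m, h in hosts.items() if not h["addrs"])  # on L2, no ND entry
    no_port = sorted(set(addrs) - set(ports))  # in ND cache, switch port unknown
    return hosts, no_nd, no_port
```

Because the join key is the MAC, a host that rotates its address still maps to the same switch port on every run; only its address list changes between snapshots.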